Reputation: 401
Supplying credentials to web service via ActiveResource
This is my first attempt at writing a Rails app to consume an external web service.
I have done some basic experimentation retrieving some records from another rails app via ActiveResource which worked pretty well, but in this instance I am trying to access a third party web service which requires very specific authentication before I can do anything.
The service in question is a REST API provided by DNSMadeEasy the documentation for which can be located at http://www.dnsmadeeasy.com/services/rest-api/
The authentication requirements according to the documentation are as follows:
- Create the string representation of the current date and time in HTTP format. Example: Sat, 12 Feb 2011 20:59:04 GMT
- Calculate the hexadecimal HMAC SHA1 hash of that string using your Secret key as the hash key.
- Set the values for the request headers using your API key, the current date and time, and the HMAC hash that you calculated.
So I figured out how to get the date and calculate the hash:
request_date = Time.now.httpdate hmac = OpenSSL::HMAC.hexdigest('sha1', secret_key, request_date)
So my question has three parts:
Firstly, how do I then go about inserting this information in the HTTP header when I send off my request to the web service?
Secondly, how do I go about putting all this in a super class that my ActiveResource classes inherit from, so that I don’t have to worry about it in the classes for Domain and ResourceRecord?
Thirdly, is there a best practice for storing API and secret keys in your app, i.e. should this be done with an initializer, or is it best to use an environment variable?
Any tips and tricks for this sort of workflow would be extremely appreciated.
Thanks
Upvotes: 2
Views: 997
Answers (1)
Reputation: 23713
1 - You can set the headers by setting an instance variable called @headers like this:
class Base < ActiveResource::Base
@headers = { ‘key’ => ‘value’ }
end
Take a look at the source Active Resource: Headers
2 - Make all your resources inherit from that Base that you just created instead that making them inherit from ActiveResource::Base.
3 - I usually put those keys in environments files or I use this gem SettingsLogic
Upvotes: 3
Related Questions
- ApiAuth gem + ActiveResource
- Authenticating requests using ActiveResource and session tokens
- Consume HTTPS REST API in Rails via ActiveResource
- Rails 3.2, activeresource and certificate authentication
- What's the easiest way to use OAuth with ActiveResource?
- Ruby/Rails - consume webservice with ActiveResource
- Rails: Devise Authentication from an ActiveResource call
- Rails ActiveResource
- Consuming non-REST APIs in Rails with ActiveResource
- How Do I Authenticate to ActiveResource to Avoid the InvalidAuthenticityToken Response?